The Sandbox

RSA Conference 2015 brings The Sandbox, an opportunity to take part in a series of hands-on, interactive exhibits designed to demonstrate info-sec skills used every day. Stop by and solve a crime at the CSI Digital Crime Lab, a mocked-up crime scene and digital forensics lab. Participate in, or watch, SANS NetWars, a suite of real-life challenges to test out your info-sec skills. Using SuperTuxKart, an open-source version of Mario Kart, join the OpenGarages demo and interact with the technology that moves your car. Try your hand at hardware hacking with JTAGulator, and work with industrial control systems (ICS) equipment stations found in a typical water plant at the ICS Village. You will learn something, no matter what your level or background. And don’t forget to unwind at Cybrew Café, taste the brew at Beer Camp, and beat burnout at the Morning Meditation class. To hear about these different activities, read below or listen to our webcast.

In this collaborative space, you will have the opportunity to engage in dynamic learning and networking opportunities. Kicking off the week with the popular RSAC Innovation Sandbox Contest, The RSAC Sandbox at Moscone Center North, Room 134 continues through Thursday, hosting a suite of hands-on activities. Bring your forward-thinking ideas to share with your peers and enrich your RSA Conference experience!

Here is a sneak peek into the activities at The RSAC Sandbox at 134:

Live Industrial Control Systems (ICS) Demo

The ICS village contains both a full replica of a typical water plant network setup, as well as isolated industrial equipment stations to try out. You will get to interact firsthand with commonly found hardware and software that is used in most industries. You will be able to run common security/discovery tools against these systems, program a PLC, use one of our ICS protocol fuzzers or just ask questions and push buttons.

Tom Van Norman brought the first ICS Village to DefCon in 2014. As Senior Technical Staff at CounterHack Challenges, LLC, Van Norman provides insights into SANS NetWars Cybercity. He is also Cybersecurity Services Manager at Phoenix Contact and performs thought research on select cyber systems for Delaware Air National Guard. Previously he worked for CH2M Hill, ImClone Systems and the U.S. Air Force/Air National Guard.

JTAGulator with Joe Grand

On-chip debug (OCD) interfaces can provide chip-level control of a target device and are primary vectors used by engineers, researchers and hackers to extract program code or data, modify memory contents or affect device operation on the fly. Depending on the complexity of the target device, manually locating available OCD connections can be a difficult and time-consuming task, sometimes requiring physical destruction or modification of the device. JTAGulator is an open source hardware tool that assists in identifying OCD connections from test points, vias or component pads on a target device.

Joe Grand is an electrical engineer and prolific inventor with four pending patents and 19 commercially available products. Involved in computers and electronics since the age of 7, he is a former member of the legendary Boston-based hacker collective L0pht Heavy Industries, has testified before the United States Senate Governmental Affairs Committee under his nom de hack, Kingpin, and has been praised as a "modern day Paul Revere" by senators for his research and warnings of computer security weaknesses. Recognized for his unconventional approaches to product development and licensing, Grand is also a well-known hardware hacker and industrial artist, a book author and contributor, and a member of the technical advisory board of MAKE Magazine.

CSI Digital Crime Lab—A Virtual WhoDunnit

Become a sleuth at our digital crime scene and catch a would-be criminal.

With the multitude of digital devices used by today’s workforce, digital forensic skills have become necessary in piecing together the who, what, why and how of a crime. Come test your sleuthing skills at a mocked-up crime scene and digital forensics lab, and see if you can figure out who was involved in our crime via the smartphone evidence.

For two decades, Amber Schroader has been a driving force for innovation in digital forensics. Schroader has developed over two-dozen software programs designed to recover digital data from mobile phones, computer hard drives, email and live monitoring services. Schroader coined the concept of the “360-degree approach to digital forensics,” pushing for a big-picture consideration of the digital evidence acquisition process. An accomplished curriculum developer and instructor, Schroader has written and taught numerous classes for this specialized field.

Open Garages – Learn How Technology Drives Your Car

Join The Cavalry and Open Garages to learn more about how we are prioritizing cyber safety in areas which affect public safety and human life. Get hands-on experience with automotive computers by controlling a SuperTuxKart (an open-source version of Mario Kart) and a test rig featuring an actual vehicle Electronic Control Unit (ECU), a Body Control Cluster and a gauge/instrument cluster.

Craig Smith works with the auto industry to harden high-end automotive system infrastructures. He often provides classes on automotive security and started Open Garages. Open Garages is an open collaboration of vehicle enthusiasts across the country that develops open-source hardware and software to further hobbyist research. Smith specializes in reverse engineering of software and hardware protection schemes. He and his team at Theia Labs build open solutions to complex security researching tasks.

Beer Camp in The Sandbox

Tickets are sold out for the 1st Annual RSAC Beer Camp led by Sierra Nevada. The Beer Camp experience will be led by a personal guide from the local California brewery Sierra Nevada, and includes tastings from the following beer styles: Rye IPA, Belgian, Amber Ale, Bock, Barley Wine Style Ale and a Dark Brew.

Founded in 1980, Sierra Nevada Brewing Co. is one of America’s premier craft breweries, highly regarded for using only the finest quality ingredients. The pioneering spirit that launched Sierra Nevada now spans both coasts with breweries in Chico, California and Mills River, North Carolina. Sierra Nevada has set the standard for craft brewers worldwide with innovations in the brewhouse as well as advances in sustainability. It is famous for its extensive line of beers including Pale Ale, Torpedo®, Porter, Stout, Kellerweis® and a host of seasonal, specialty and limited release beers. Learn more at www.sierranevada.com.

Beating Burnout in the Box

Morning Meditation

Start your morning off right and reenergize by joining Chris Shelton in The Sandbox to unlock the key to healthy living on April 22nd. Shelton will reveal the correlation between stress and disease, and how it impacts your work. Then he will teach you simple tools to help you handle daily stress, increase your energy, and just feel better. Beginner meditation starts at 7:30 AM and QiGong beginner meditation starts at 8:15 AM.

Qigong for Health and Vitality

Are you ready for change? Join us for this session on April 22nd from 1:20 PM - 2:10 PM in Room 131 taught by Morning Crane founder, author and speaker Chris Shelton. Learn how to face your work and life with renewed health and vitality by practicing the new yoga—Qigong (Qi pronounced Chi), an ancient tradition that quiets the mind and flows life-force energy to all parts of your mind, body and spirit. Prerequisite: comfortable clothing and an intention for balance and harmony.

Chris Shelton is a healer, speaker and author on the topic of healthy living. Shelton has been studying and practicing Qigong, Tai Chi and Traditional Chinese Medicine for almost 25 years. A master in his craft, he has helped transform the lives of thousands of people, including celebrities and professional athletes. Currently he is the CEO of Morning Crane Healing Arts & Fitness Studios in San Jose. He looks forward to revealing the keys of health to the information security community.

Adjacent to Cybrew, The Concierge will offer reserved seating for your meetings. To reserve, email cybrewseating@rsa.com, and include your name, telephone number that receives texts, the date & time of the reservation and number in your party (up to 4 per table). The concierge’s hours are:

NetWars with Ed Skoudis

SANS NetWars is a suite of hands-on, interactive learning scenarios that enable information security professionals to develop and master the real-world, in-depth skills they need to excel in their field. Participants learn in a cyber range while working through various challenge levels with a focus on mastering skills that information security professionals can use in their jobs every day. Stop by and watch as selected challengers compete against their peers.

Ed Skoudis is a security expert on hacker attacks and defenses, a world-renowned author and president of Counter Hack Challenges—the company that has built the most sophisticated cyber competitions and ranges used by the U.S. military. Skoudis has demonstrated hacker techniques against financial institutions for the U.S. Senate and frequently speaks at security conferences. He is also a SANS Faculty Fellow who teaches thousands of information security professionals how to improve their skills and better defend their networks. He was the expert called in by the White House to test the security viability of the Trusted Internet Connection (TIC), and he provides after-attack analysis on most major attacks against commercial organizations where credit card data is lost.

The RSAC Sandbox space is open to Full Conference, Explorer Expo Plus and Explorer Expo registrants on Monday and to ALL badge holders Tuesday through Thursday.